-
Publication No.: US20190050603A1
Publication Date: 2019-02-14
Application No.: US15940887
Filing Date: 2018-03-29
Applicant: Intel Corporation
Inventor: Sean R. Atsatt, Ting Lu, James Ryan Kenny, Bruce B. Pedersen, Robert Landon Pelt, Andrew Martyn Draper
Abstract: Integrated circuit devices and methods include utilizing security features including authenticating incoming data by receiving one or more hash blocks each including multiple hash sub-blocks. Authenticating also includes receiving encrypted data including multiple data sub-blocks. Authenticating also includes authenticating a first hash block of the one or more hash blocks using a root hash of an integrated circuit device. Authenticating further includes authenticating each of the multiple data sub-blocks using a corresponding hash sub-block of the multiple hash sub-blocks.
-
Publication No.: US11281383B2
Publication Date: 2022-03-22
Application No.: US15940799
Filing Date: 2018-03-29
Applicant: Intel Corporation
Inventor: Ting Lu, Sean R. Atsatt, Andrew Martyn Draper, Eric Michael Innis
IPC: G06F12/00, G06F13/00, G06F13/28, G06F3/06, G06F21/79, G06F12/16, G11C17/18, G06F21/60, G06F21/76, G06F21/85, G06F21/75
Abstract: The disclosed systems and methods may secure the fuse programming process in programmable devices to reduce or eliminate malicious discovery of data (e.g., the encryption key, the configuration bitstream) stored in nonvolatile memory via side-channel attacks. A processor may generate a randomized fuse list and the fuses may be blown in the randomized order. Additionally or alternatively, the processor may randomize the wait time between programming of each fuse. Further, the processor may generate a simplified fuse list including only fuses to be blown. The disclosed security systems and methods may be used individually or in combination to prevent determination of sensitive data, such as the encryption key, by monitoring, for example, power consumption in side-channel attacks.
-
Publication No.: US20240004810A1
Publication Date: 2024-01-04
Application No.: US17856632
Filing Date: 2022-07-01
Applicant: Intel Corporation
Inventor: Gary Brian Wallichs, Andrew Martyn Draper, Kye Howe Wong, Kalen Brunham, Jeffrey Edward Erickson
IPC: G06F13/16, G06F13/40, G06F13/28, G06F15/167
CPC classification number: G06F13/1673, G06F13/4072, G06F13/28, G06F15/167
Abstract: A system including a host device and an integrated circuit. The host device includes a host memory, the host memory storing configuration data. The integrated circuit device includes an integrated circuit and a direct memory access circuitry. The direct memory access circuitry pulls the configuration data from the host memory. The direct memory access circuitry also programs the integrated circuit based on the configuration data.
-
Publication No.: US10444283B1
Publication Date: 2019-10-15
Application No.: US15432810
Filing Date: 2017-02-14
Applicant: Intel Corporation
Inventor: Yi Peng, Andrew Martyn Draper, Nathan Edward Krueger
IPC: G01R31/3185, G01R31/28, G01R31/317, G06F11/273, G06F11/267, G01R31/327
Abstract: An integrated circuit device includes a first partition and a second partition. The integrated circuit device also includes a Joint Test Action Group (JTAG) system that controls at least a portion of the integrated circuit device via logic signals. The JTAG system includes a JTAG interface that receives logic signals and a first JTAG hub instantiated in the first partition communicatively coupled to the JTAG interface. The integrated circuit device further includes a second JTAG hub instantiated in the second partition communicatively coupled to the first JTAG hub via a bridge.
-
Publication No.: US20190042118A1
Publication Date: 2019-02-07
Application No.: US15940799
Filing Date: 2018-03-29
Applicant: Intel Corporation
Inventor: Ting Lu, Sean R. Atsatt, Andrew Martyn Draper, Eric Michael Innis
Abstract: The disclosed systems and methods may secure the fuse programming process in programmable devices to reduce or eliminate malicious discovery of data (e.g., the encryption key, the configuration bitstream) stored in nonvolatile memory via side-channel attacks. A processor may generate a randomized fuse list and the fuses may be blown in the randomized order. Additionally or alternatively, the processor may randomize the wait time between programming of each fuse. Further, the processor may generate a simplified fuse list including only fuses to be blown. The disclosed security systems and methods may be used individually or in combination to prevent determination of sensitive data, such as the encryption key, by monitoring, for example, power consumption in side-channel attacks.
-
Publication No.: US12183412B2
Publication Date: 2024-12-31
Application No.: US17033526
Filing Date: 2020-09-25
Applicant: Intel Corporation
Inventor: Sankaran M. Menon, Andrew Martyn Draper, Ting Lu, Kenneth Chen, Wei Chun Lau
Abstract: An integrated circuit (IC) device configured for multiple return material authorizations (RMAs) is provided. The IC device includes an asset and a return material authorization (RMA) counter fuse including a first fuse, a second fuse, and a third fuse. The IC device enters an RMA state in response to blowing the first fuse, a second state in response to blowing the second fuse, and the RMA state in response to blowing the third fuse.
-
Publication No.: US11562101B2
Publication Date: 2023-01-24
Application No.: US16020805
Filing Date: 2018-06-27
Applicant: Intel Corporation
Inventor: Scott J. Weber, Sean R. Atsatt, Andrew Martyn Draper, David Samuel Goldman
Abstract: A programmable logic device verifies that configuration data permissibly programs the programmable logic device. The programmable logic device includes a programmable fabric having partitions to be programmed by the configuration data, a secure device manager that may generate masks based on the configuration data, and a local sector manager. The masks determine that the configuration data is configured to permissibly program the permitted partitions or that the permitted partitions have been permissibly programmed. The local sector manager applies the masks to generate an interleaved result, compares the interleaved result to an expected result, and sends an indication that the configuration data is configured to permissibly program the permitted partitions or permissibly programmed the permitted partitions in response to determining that the interleaved result is the expected result, or sends an alert to stop programming in response to determining that the interleaved result is not the expected result.
-
Publication No.: US20190050604A1
Publication Date: 2019-02-14
Application No.: US16020805
Filing Date: 2018-06-27
Applicant: Intel Corporation
Inventor: Scott J. Weber, Sean R. Atsatt, Andrew Martyn Draper, David Goldman
Abstract: A programmable logic device verifies that configuration data permissibly programs the programmable logic device. The programmable logic device includes a programmable fabric having partitions to be programmed by the configuration data, a secure device manager that may generate masks based on the configuration data, and a local sector manager. The masks determine that the configuration data is configured to permissibly program the permitted partitions or that the permitted partitions have been permissibly programmed. The local sector manager applies the masks to generate an interleaved result, compares the interleaved result to an expected result, and sends an indication that the configuration data is configured to permissibly program the permitted partitions or permissibly programmed the permitted partitions in response to determining that the interleaved result is the expected result, or sends an alert to stop programming in response to determining that the interleaved result is not the expected result.